Lastline Defender for Email

Defeat Advanced Threats to Email

Lastline Defender™ is a complementary layer of defense to enhance your email security controls. You can deploy it anywhere you want to improve your email security against advanced threats engineered to evade detection.

Lastline Defender works with your existing email system to protect your organization from email-based threats like ransomware, cryptomining, credential stealing, social engineering, and spear-phishing.

Secure Any Email System

Use Lastline Defender to improve email security of both cloud and customer-managed systems.

Lastline Defender for Microsoft Office 365 Mail and Gmail

Lastline Defender provides unmatched threat protection for Microsoft Office 365 mail and Gmail. It is an additional layer of defense against threats that bypass those applications’ limited security controls.

Lastline Defender for Customer-Managed Email Systems

Lastline Defender gives you the ability to augment your existing email security controls with a complementary layer of protection that detects the advanced malware other technologies miss, without adding significant cost or complexity.

Security controls such as Secure Email Gateways (SEGs) are effective for blocking some threats like spam but cannot combat advanced malware like keyloggers and ransomware. The evasion techniques that are commonplace in advanced malware easily fool even “next-generation” technologies like sandboxes that supplement SEGs.

We designed the Lastline® architecture to give you the maximum protection you want while offering the deployment flexibility and low TCO you need. Lastline Defender has three components to deploy:

Sensors scan traffic for indicators and anomalies that reveal malicious content and behavior. Sensors reside in your network and run on either off-the-shelf hardware or on virtual machines.

The Manager analyzes files sent by Sensors. The Manager will then send objects to Detection Engines for analysis if needed.

The Detection Engine performs analysis of suspect files using our market-leading sandbox technology. The Detection Engine sends the results of the analysis back to the Manager.

You can configure these components to complement your SEG and MTA (Mail Transport Agent) systems. You can choose between three deployment options to passively monitor or actively block malicious content.

Deploy Lastline Defender in different modes to protect on-premises or cloud mail systems.

Defeat Account Takeover

Lastline Defender delivers unmatched threat visibility and accurately detects ransomware, fileless malware, credential stealers, and other mail-based attacks. It enables you to understand the objective of the attack, as well as respond faster to the threat before a data breach occurs.

Lastline’s anti-phishing algorithm combines traditional analysis capabilities with a proprietary machine learning algorithm that looks at all aspects of the email and is specifically trained to catch the threats Microsoft Office 365 mail and Gmail miss. With the addition of account takeover prevention and advanced malware detection, Lastline provides a complete mail security solution to protect your organization from phishing schemes.

Industry-Leading Detection

Lastline Defender gives you unmatched visibility into threats attempting to enter your network by incorporating our industry-leading sandbox technology. It deconstructs every malicious behavior engineered into an object entering via mail and identifies malicious links. It sees all instructions that a program executes, all memory content, and all operating system activity.

This visibility enables your security team to see a complete inventory of unique file behaviors that other tools fail to detect, such as activity observed when executing programs, opening documents, unpacking archives, and rendering web content.

Lastline Defender’s superior visibility also makes the analysis much harder to evade. It detects malware that’s engineered to evade sandboxes, next-generation firewalls, and other next-gen tools.

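| Option | Description | Detect or Block? | In-line Deployment? |
|--------|-------------|------------------|---------------------|
| 1 | SMTP Monitoring | Detect Only | No |
| 2A | MTA Mode with Email Delivery | Detect & Block | Yes |
| 2B | MTA Mode without Email Delivery | Detect Only | No |
| 3 | BCC Mode | Detect Only | No |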

Deep Content Inspection Delivers Unmatched Visibility into Malware.

Global Threat Intelligence

Lastline Defender also incorporates the latest information on malicious behaviors extracted from millions of malicious objects submitted by our customers and partners. The Lastline Global Threat Intelligence Network, a cloud-based global repository of threats curated by the Lastline threat research team, continuously updates our AI on emerging threats as soon as they are seen by any Lastline partner or customer. This means your deployment is able to detect the latest emerging threats.

Prevent Business Email Compromise

Business Email Compromise (BEC) attacks often target cloud email systems like Microsoft Office 365 mail and Gmail. They start with a spear-phishing attack or spoofed emails targeted at specific executives in order to commit fraud.

Difficult to Identify

These attacks evade detection from email security controls that rely on content scanning or signature-matching. The emails do not contain links to any fraudulent sites or have malicious attachments, which normally trigger alerts.

Instead, BEC attackers use publicly available data from social and business media sites to identify reporting relationships as well as names and titles of coworkers, upcoming travel, and so forth. They’ll use this knowledge to create a realistic-looking message from a trusted co-worker to initiate a fraudulent transaction, such as a wire transfer.